Grand Challenge in Resilient Control Systems (RCS)
- A preeminent objective for corporate and government organizations is state awareness, a comprehensive understanding of security and safety for critical infrastructures, embedded within their industrial-based control systems.
- Asset owners as well as government are burdened to ensure they have a timely under-standing of the status of their plant(s), to ensure efficient operations and public protection.
- Coupled with the need for state awareness is resilient design, which necessitates a paradigm shift in the methods used to historically develop control systems. This paradigm is predicated on the fact the traditional trust relationships in peer communications are no longer a satisfactory assumption. Instead, a resilient control system design expects a malicious actor or actions to be part of normal operation and is designed to mitigate such actions.
- These measures, which can be categorized as cyber and physical security, process efficiency and stability, and process compliancy, provide the operating requirements that are monitored for state awareness and definition of the state space.
- New concepts that research the human system responses, both benevolent operator and malicious actor interactions, as well as the complex interdependencies of distributed control systems require consideration.
- The move from reactive to proactive control of plants and mechanisms by which the evaluation and verification of designs is considered all the way from design through implementation stages of resilient control systems is enabled by this paradigm shift.
Definition of a Resilient Control System
A resilient control system is one that maintains state awareness and an accepted level of operational normalcy in response to anomalies, including threats of a malicious and unexpected nature.
- State Awareness — Knowledge of Threats to Normalcy
- Has to be a given for any measure or threat consideration affecting normalcy
- Must be viable for unexpected threats, and therefore, also those expected
- Allows supervisory subordinates defined autonomy for a faster control response.
- Resilient Design — Maintaining Operational Normalcy in Spite of Threats
- Comes at a price, and equates to accepted risk given an understanding of consequence
- Maintains an accepted level of normalcy in the operation of the control system, and as a result, also in the process application
- In the presence of threats, the system supports mitigation as well as restoration of system wide function.
State Awareness and Resilient Design